Q&A: Former FireEye CEO DeWalt On Why He's Joining IoT Security Startups

DeWalt On The Booming IoT Market

Since leaving FireEye earlier this year, Dave DeWalt has dove head first into the fast-growing Internet of Things security startup space, joining the boards of directors of three startups in the space. DeWalt officially left FireEye in February when he resigned as executive chairman after stepping down from the CEO role last May. Since then, DeWalt has joined the board of digital identity IoT security company ForgeRock as vice chairman and operational technology network protection company Claroty as chairman of the board. Those appointments add to DeWalt's position as vice chairman at ForeScout Technologies. In an interview with CRN at the 2017 RSA Conference in San Francisco this month, DeWalt talked about why he was placing his bets on the Internet of Things security market, and why he thinks the opportunity is bigger than ever before for companies in that space.

You left FireEye as CEO in the summer – what have you been up to since?

This time I'm really focused in on [the Internet of Things market]. Most of my years of cyber were on the IT security side, for the most part. I see a lot of trend on some problems in the [operational technology] world. You look at all the speed of devices connecting to everything we have, how smart these devices are … the amount of vulnerabilities they have and how far security is behind on those devices. It's reminiscent of 2008 to me, when China was stealing everything and we weren't prepared.

In the ForgeRock case, it's how do we begin to identify the millions and millions of identity of everything, with people, devices and consumers. ForgeRock has built this incredible identity system to not just identify its employees like traditional systems, but also all the consumers and devices that interact with the company. … ForeScout does all the access control for devices connected. … And Claroty is doing all the threat detection for these systems, looking for anomalies in behavior.

Why are you so interested in the Internet of Things security market, in particular?

I love this world and the things I'm seeing with ancillary attacks on operational technology, including shutting down health-care operations, shutting down service operations, destroying things – we're not prepared for that. On top of that, we're seeing denial-of-service attacks, like the Mirai attacks, using new types of attacks. The gap between offense and defense, you could drive a truck through it. That's why I like the cyber world here, because we can close that gap and solve a real-world problem. That's what I've been starting to do.

There's a lot of companies jumping into Internet of Things security. Why did you pick ForgeRock in particular?

ForgeRock's platform is insane. That's not a technical word, but the scalability – if you look at an average company, most of them have identity solutions all over the company, which creates a surface area of attack. A bank [I talked to] once had 451 different identity systems – how is that even possible? It was a giant bank. Even if you have 10, you have nine too many. Attackers only have to find one of the 451 systems. By consolidating identity, you have all this efficiency of security and privacy controls. This company scales and imports all the devices and systems. It's written as an open-source platform, with micro services. … The company won over $100 million in business this past year. It's not a startup, or it's fast-growing startup. …I actually think ForgeRock is the best-kept-secret company that I've seen. No one gets to $100 million in sales. It's going to be a big name. It's just like I saw FireEye before – no one had ever heard of FireEye and it is now solving real-world problems.

Talk about the challenge you see in IoT security right now.

We would do all these Mandiant things [when I was at FireEye] and every time we walked in we would see problems in these areas. This world that we're living in of IoT…t his is what we're going to be dealing with for the next handful of years. Threats, attacks, privacy problems. … One of the things you can take away from an RSA event like this is what are the big trends coming? The speed of connectivity of these devices and smartness of these devices and the lack of security protections, we have this perfect storm of collision. ... I think the market is a magnitude bigger than the IT market for security, if you think about the size of the amount of devices. … It's just changing every day. It's fascinating. That's where you get security problems, when technology gets out ahead of security and the bad guys are taking advantage of that.

Do you see companies spending a lot of money on IoT security right now?

In the last year, we saw two major attack vectors that we have never seen before. We saw all these ransomware-type themes where you're locking up operational devices. The other is denial-of-services attacks that are happening from the Internet of Things. We had never quite seen that scale of those attacks. It takes a real threat to make people spend money. 2016 was a year of watching threats happen. We have been seeing more and more of that. … I think it's been around for a while, but the focus on this area wasn't as high as it's going to be [going into this year].

What are you doing to get the word out there about these companies?

I think it's a little bit of a coming out for ForgeRock right now. The company hasn't done a lot of – and hasn't needed a lot of – big financing rounds because they're a pretty self-sufficient company to the credit of the management team. … It's the ones you hear about, the unicorns with $100 million in funding but spend it all on marketing, here is a company that did its last round 2.5 years ago and has reached this size. … We've been trying to explain what we've been doing in the marketplace. … It's a very cool company.

Are there other areas of IoT that you haven't invested in or do you feel like you have the full breadth of it now?

The identity of it, the access of it, and the behaviors of it are the biggest threat problems I see at the moment. I think eventually we will need provisioning tools, like blocking tools, as well. That's why I like this Claroty company – today they are doing threat behavior, but eventually they need fail-safe switches built into critical infrastructure if there is a problem and fail-safe systems. Suddenly, if critical infrastructure is under attack, we might notify you there's a problem but the lights are already out. What we want to build is, just like firewalls and at FireEye, you want live, in-line blocking. You don't see a company yet that can do real, in-line blocking of a threat in the Internet of Things. When the Mirai attack occurred, who stopped it? Akamai failed over. … All you have to do is take out Akamai and it's over. Our vulnerabilities just keep changing. Some of this is how do we protect and detect denial of service in the IoT world. You'll see more of this coming.